diff --git a/services/vault/scripts/vault_k8s_auth_configure.sh b/services/vault/scripts/vault_k8s_auth_configure.sh
index ce9533c..d47ebb5 100644
--- a/services/vault/scripts/vault_k8s_auth_configure.sh
+++ b/services/vault/scripts/vault_k8s_auth_configure.sh
@@ -124,6 +124,9 @@ path "sys/policies/acl" {
 path "sys/policies/acl/*" {
   capabilities = ["create", "update", "read"]
 }
+path "sys/mounts/auth/*" {
+  capabilities = ["read", "update", "sudo"]
+}
 path "kv/data/atlas/vault/*" {
   capabilities = ["read"]
 }